diff --git a/.gitignore b/.gitignore index deb3fb5..0846284 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,4 @@ .idea ._* .vscode - +certbot-help.txt diff --git a/.version b/.version index 530cdd9..276cbf9 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -2.2.4 +2.3.0 diff --git a/Jenkinsfile b/Jenkinsfile index 6cac8fe..cee1bf1 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -5,6 +5,7 @@ pipeline { options { buildDiscarder(logRotator(numToKeepStr: '5')) disableConcurrentBuilds() + ansiColor('xterm') } environment { IMAGE = "nginx-proxy-manager" @@ -55,50 +56,44 @@ pipeline { } stage('Frontend') { steps { - ansiColor('xterm') { - sh './scripts/frontend-build' - } + sh './scripts/frontend-build' } } stage('Backend') { steps { - ansiColor('xterm') { - echo 'Checking Syntax ...' - // See: https://github.com/yarnpkg/yarn/issues/3254 - sh '''docker run --rm \\ - -v "$(pwd)/backend:/app" \\ - -w /app \\ - node:latest \\ - sh -c "yarn install && yarn eslint . && rm -rf node_modules" - ''' + echo 'Checking Syntax ...' + // See: https://github.com/yarnpkg/yarn/issues/3254 + sh '''docker run --rm \\ + -v "$(pwd)/backend:/app" \\ + -w /app \\ + node:latest \\ + sh -c "yarn install && yarn eslint . && rm -rf node_modules" + ''' - echo 'Docker Build ...' - sh '''docker build --pull --no-cache --squash --compress \\ - -t "${IMAGE}:ci-${BUILD_NUMBER}" \\ - -f docker/Dockerfile \\ - --build-arg TARGETPLATFORM=linux/amd64 \\ - --build-arg BUILDPLATFORM=linux/amd64 \\ - --build-arg BUILD_VERSION="${BUILD_VERSION}" \\ - --build-arg BUILD_COMMIT="${BUILD_COMMIT}" \\ - --build-arg BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" \\ - . - ''' - } + echo 'Docker Build ...' + sh '''docker build --pull --no-cache --squash --compress \\ + -t "${IMAGE}:ci-${BUILD_NUMBER}" \\ + -f docker/Dockerfile \\ + --build-arg TARGETPLATFORM=linux/amd64 \\ + --build-arg BUILDPLATFORM=linux/amd64 \\ + --build-arg BUILD_VERSION="${BUILD_VERSION}" \\ + --build-arg BUILD_COMMIT="${BUILD_COMMIT}" \\ + --build-arg BUILD_DATE="$(date '+%Y-%m-%d %T %Z')" \\ + . + ''' } } stage('Test') { steps { - ansiColor('xterm') { - // Bring up a stack - sh 'docker-compose up -d fullstack' - sh './scripts/wait-healthy $(docker-compose ps -q fullstack) 120' + // Bring up a stack + sh 'docker-compose up -d fullstack' + sh './scripts/wait-healthy $(docker-compose ps -q fullstack) 120' - // Run tests - sh 'rm -rf test/results' - sh 'docker-compose up cypress' - // Get results - sh 'docker cp -L "$(docker-compose ps -q cypress):/results" test/' - } + // Run tests + sh 'rm -rf test/results' + sh 'docker-compose up cypress' + // Get results + sh 'docker cp -L "$(docker-compose ps -q cypress):/results" test/' } post { always { @@ -121,18 +116,16 @@ pipeline { } } steps { - ansiColor('xterm') { - dir(path: 'docs') { - sh 'yarn install' - sh 'yarn build' - } - - dir(path: 'docs/.vuepress/dist') { - sh 'tar -czf ../../docs.tgz *' - } - - archiveArtifacts(artifacts: 'docs/docs.tgz', allowEmptyArchive: false) + dir(path: 'docs') { + sh 'yarn install' + sh 'yarn build' } + + dir(path: 'docs/.vuepress/dist') { + sh 'tar -czf ../../docs.tgz *' + } + + archiveArtifacts(artifacts: 'docs/docs.tgz', allowEmptyArchive: false) } } stage('MultiArch Build') { @@ -142,12 +135,10 @@ pipeline { } } steps { - ansiColor('xterm') { - withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) { - sh "docker login -u '${duser}' -p '${dpass}'" - // Buildx with push - sh "./scripts/buildx --push ${BUILDX_PUSH_TAGS}" - } + withCredentials([usernamePassword(credentialsId: 'jc21-dockerhub', passwordVariable: 'dpass', usernameVariable: 'duser')]) { + sh "docker login -u '${duser}' -p '${dpass}'" + // Buildx with push + sh "./scripts/buildx --push ${BUILDX_PUSH_TAGS}" } } } @@ -193,17 +184,15 @@ pipeline { } } steps { - ansiColor('xterm') { - script { - def comment = pullRequest.comment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`") - } + script { + def comment = pullRequest.comment("Docker Image for build ${BUILD_NUMBER} is available on [DockerHub](https://cloud.docker.com/repository/docker/jc21/${IMAGE}) as `jc21/${IMAGE}:github-${BRANCH_LOWER}`") } } } } post { always { - sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30' + //sh 'docker-compose down --rmi all --remove-orphans --volumes -t 30' sh 'echo Reverting ownership' sh 'docker run --rm -v $(pwd):/data ${DOCKER_CI_TOOLS} chown -R $(id -u):$(id -g) /data' } diff --git a/README.md b/README.md index 396cbe5..4ba0f54 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,19 @@

- -

- - - - - - - - - - + +

+ + + + + + + + + + + + Gitter +

This project comes as a pre-built docker image that enables you to easily forward to your websites @@ -48,3 +51,119 @@ I won't go in to too much detail here but here are the basics for someone new to 2. Add port forwarding for port 80 and 443 to the server hosting this project 3. Configure your domain name details to point to your home, either with a static ip or a service like DuckDNS or [Amazon Route53](https://github.com/jc21/route53-ddns) 4. Use the Nginx Proxy Manager as your gateway to forward to your other web based services + + +## Contributors + +Special thanks to the following contributors: + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + +
Sebastian Valle + + 		+ + +
Kyle Klaus + + 		+ + +
ƬHE ЯAW + + 		+ + +
Spencer + + 		+ + +
Xantios Krugor + + 		+ + +
David Panesso + + 		+ + +
IronTooch + +
+ + +
Damiano + + 		+ + +
Russ + + 		+ + +
Marcelo Castagna + + 		+ + +
Steven Harris + + 		+ + +
Jocelyn Le Sage + + 		+ + +
Carl Mercier + + 		+ + +
Paul Mansfield + +
+ + +
OhHeyAlan + +
+ + +
Carl Sutton + +
+ + diff --git a/backend/internal/access-list.js b/backend/internal/access-list.js index 2f53ee1..36a9d2b 100644 --- a/backend/internal/access-list.js +++ b/backend/internal/access-list.js @@ -71,7 +71,7 @@ const internalAccessList = { // re-fetch with expansions return internalAccessList.get(access, { id: data.id, - expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients'] + expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients', 'proxy_hosts.access_list.items'] }, true /* <- skip masking */); }) .then((row) => { @@ -216,7 +216,7 @@ const internalAccessList = { // re-fetch with expansions return internalAccessList.get(access, { id: data.id, - expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients'] + expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients', 'proxy_hosts.access_list.items'] }, true /* <- skip masking */); }) .then((row) => { @@ -254,7 +254,7 @@ const internalAccessList = { .joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0') .where('access_list.is_deleted', 0) .andWhere('access_list.id', data.id) - .allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients]') + .allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients,proxy_hosts.access_list.items]') .omit(['access_list.is_deleted']) .first(); diff --git a/backend/internal/proxy-host.js b/backend/internal/proxy-host.js index c27d0dd..115af92 100644 --- a/backend/internal/proxy-host.js +++ b/backend/internal/proxy-host.js @@ -73,7 +73,7 @@ const internalProxyHost = { // re-fetch with cert return internalProxyHost.get(access, { id: row.id, - expand: ['certificate', 'owner', 'access_list.clients'] + expand: ['certificate', 'owner', 'access_list.clients', 'access_list.items'] }); }) .then((row) => { @@ -186,7 +186,7 @@ const internalProxyHost = { .then(() => { return internalProxyHost.get(access, { id: data.id, - expand: ['owner', 'certificate', 'access_list.clients'] + expand: ['owner', 'certificate', 'access_list.clients', 'access_list.items'] }) .then((row) => { // Configure nginx @@ -219,7 +219,7 @@ const internalProxyHost = { .query() .where('is_deleted', 0) .andWhere('id', data.id) - .allowEager('[owner,access_list,access_list.clients,certificate]') + .allowEager('[owner,access_list,access_list.clients,access_list.items,certificate]') .first(); if (access_data.permission_visibility !== 'all') { diff --git a/backend/templates/proxy_host.conf b/backend/templates/proxy_host.conf index 0da4bed..b553e1c 100644 --- a/backend/templates/proxy_host.conf +++ b/backend/templates/proxy_host.conf @@ -23,9 +23,11 @@ server { location / { {% if access_list_id > 0 %} + {% if access_list.items.length > 0 %} # Authorization auth_basic "Authorization required"; auth_basic_user_file /data/access/{{ access_list_id }}; + {% endif %} # Access Rules {% for client in access_list.clients %} diff --git a/docker/Dockerfile b/docker/Dockerfile index a08549a..e3eefb3 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -16,7 +16,6 @@ ENV S6_FIX_ATTRS_HIDDEN=1 ENV NODE_ENV=production RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ - && rm -rf /etc/nginx \ && apk update \ && apk add python2 certbot jq \ && rm -rf /var/cache/apk/* diff --git a/docker/dev/Dockerfile b/docker/dev/Dockerfile index f0e2d26..35f5651 100644 --- a/docker/dev/Dockerfile +++ b/docker/dev/Dockerfile @@ -6,7 +6,6 @@ ENV SUPPRESS_NO_CONFIG_WARNING=1 ENV S6_FIX_ATTRS_HIDDEN=1 RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ - && rm -rf /etc/nginx \ && apk update \ && apk add python2 certbot jq \ && rm -rf /var/cache/apk/* diff --git a/docker/rootfs/etc/nginx/nginx.conf b/docker/rootfs/etc/nginx/nginx.conf index e750e6c..0643cc2 100644 --- a/docker/rootfs/etc/nginx/nginx.conf +++ b/docker/rootfs/etc/nginx/nginx.conf @@ -26,12 +26,15 @@ http { tcp_nopush on; tcp_nodelay on; client_body_temp_path /tmp/nginx/body 1 2; - keepalive_timeout 65; + keepalive_timeout 90s; + proxy_connect_timeout 90s; + proxy_send_timeout 90s; + proxy_read_timeout 90s; ssl_prefer_server_ciphers on; gzip on; proxy_ignore_client_abort off; client_max_body_size 2000m; - server_names_hash_bucket_size 64; + server_names_hash_bucket_size 1024; proxy_http_version 1.1; proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/docker/rootfs/root/.bashrc b/docker/rootfs/root/.bashrc index fe69b78..aec8e8f 100644 --- a/docker/rootfs/root/.bashrc +++ b/docker/rootfs/root/.bashrc @@ -16,5 +16,5 @@ alias h='cd ~;clear;' echo -e -n '\E[1;34m' figlet -w 120 "NginxProxyManager" -echo -e "\E[1;36mVersion \E[1;32m${NPM_BUILD_VERSION:-2.0.0-dev}\E[1;36m (${NPM_BUILD_COMMIT:-dev}) ${NPM_BUILD_DATE:-0000-00-00}, Nginx \E[1;32m${NGINX_VERSION:-unknown}\E[1;36m, Alpine \E[1;32m${VERSION_ID:-unknown}\E[1;36m, Kernel \E[1;32m$(uname -r)\E[0m" +echo -e "\E[1;36mVersion \E[1;32m${NPM_BUILD_VERSION:-2.0.0-dev} (${NPM_BUILD_COMMIT:-dev}) ${NPM_BUILD_DATE:-0000-00-00}\E[1;36m, OpenResty \E[1;32m${OPENRESTY_VERSION:-unknown}\E[1;36m, Alpine \E[1;32m${VERSION_ID:-unknown}\E[1;36m, Kernel \E[1;32m$(uname -r)\E[0m" echo diff --git a/scripts/.common.sh b/scripts/.common.sh new file mode 100644 index 0000000..3cea091 --- /dev/null +++ b/scripts/.common.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# Colors +BLUE='\E[1;34m' +CYAN='\E[1;36m' +GREEN='\E[1;32m' +RED='\E[1;31m' +RESET='\E[0m' +YELLOW='\E[1;33m' + +export BLUE CYAN GREEN RED RESET YELLOW + +# Docker Compose +COMPOSE_PROJECT_NAME="npmdev" +COMPOSE_FILE="docker/docker-compose.dev.yml" + +export COMPOSE_FILE COMPOSE_PROJECT_NAME diff --git a/scripts/buildx b/scripts/buildx index b22d881..4da6c16 100755 --- a/scripts/buildx +++ b/scripts/buildx @@ -1,10 +1,7 @@ #!/bin/bash -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" echo -e "${BLUE}❯ ${CYAN}Building docker multiarch: ${YELLOW}${*}${RESET}" diff --git a/scripts/destroy-dev b/scripts/destroy-dev index e86b33f..1309aad 100755 --- a/scripts/destroy-dev +++ b/scripts/destroy-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists # Make sure docker exists diff --git a/scripts/docs-build b/scripts/docs-build index cdab811..9903139 100755 --- a/scripts/docs-build +++ b/scripts/docs-build @@ -1,12 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -GREEN='\E[1;32m' -RESET='\E[0m' +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker 2>/dev/null; then diff --git a/scripts/docs-upload b/scripts/docs-upload index 0f3761d..ea71fb8 100755 --- a/scripts/docs-upload +++ b/scripts/docs-upload @@ -2,11 +2,8 @@ # Note: This script is designed to be run inside CI builds -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" echo -e "${BLUE}❯ ${CYAN}Uploading docs in: ${YELLOW}$1${RESET}" diff --git a/scripts/frontend-build b/scripts/frontend-build index a54c46b..05be2ea 100755 --- a/scripts/frontend-build +++ b/scripts/frontend-build @@ -1,12 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -GREEN='\E[1;32m' -RESET='\E[0m' +. "$DIR/.common.sh" DOCKER_IMAGE=jc21/alpine-nginx-full:node diff --git a/scripts/start-dev b/scripts/start-dev index a47a935..a5e647f 100755 --- a/scripts/start-dev +++ b/scripts/start-dev @@ -1,16 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -YELLOW='\E[1;33m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker-compose 2>/dev/null; then diff --git a/scripts/stop-dev b/scripts/stop-dev index 97c68c8..3d27551 100755 --- a/scripts/stop-dev +++ b/scripts/stop-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists # Make sure docker exists diff --git a/scripts/test-dev b/scripts/test-dev index d4ad018..eb5c5bd 100755 --- a/scripts/test-dev +++ b/scripts/test-dev @@ -1,15 +1,7 @@ #!/bin/bash -e DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -CYAN='\E[1;36m' -BLUE='\E[1;34m' -RED='\E[1;31m' -RESET='\E[0m' - -COMPOSE_PROJECT_NAME="npmdev" -COMPOSE_FILE="docker/docker-compose.dev.yml" -export COMPOSE_FILE COMPOSE_PROJECT_NAME +. "$DIR/.common.sh" # Ensure docker-compose exists if hash docker-compose 2>/dev/null; then diff --git a/scripts/wait-healthy b/scripts/wait-healthy index b89aef3..b8da5d6 100755 --- a/scripts/wait-healthy +++ b/scripts/wait-healthy @@ -1,11 +1,7 @@ #!/bin/bash -CYAN='\E[1;36m' -YELLOW='\E[1;33m' -BLUE='\E[1;34m' -GREEN='\E[1;32m' -RED='\E[1;31m' -RESET='\E[0m' +DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +. "$DIR/.common.sh" if [ "$1" == "" ]; then echo "Waits for a docker container to be healthy." diff --git a/test/cypress/Dockerfile b/test/cypress/Dockerfile index 6447a16..66f7e3e 100644 --- a/test/cypress/Dockerfile +++ b/test/cypress/Dockerfile @@ -1,4 +1,4 @@ -FROM cypress/included:4.0.2 +FROM cypress/included:4.6.0 COPY --chown=1000 ./test /test diff --git a/test/package.json b/test/package.json index 3636fb9..0ac87e5 100644 --- a/test/package.json +++ b/test/package.json @@ -7,7 +7,7 @@ "@jc21/cypress-swagger-validation": "^0.0.5", "@jc21/restler": "^3.4.0", "chalk": "^3.0.0", - "cypress": "^4.0.2", + "cypress": "^4.6.0", "cypress-plugin-retries": "^1.5.2", "eslint": "^6.7.2", "eslint-plugin-align-assignments": "^1.1.2",